commit 91cac4d3248be5d38d0ff6a5d578337646d685d0
parent daa1e7fa9723ef2f60d6ea68b711c1254b4d9718
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 22 Aug 2010 16:04:23 +0000
de-gcryptifing
Diffstat:
6 files changed, 609 insertions(+), 147 deletions(-)
diff --git a/src/daemon/Makefile.am b/src/daemon/Makefile.am
@@ -36,7 +36,9 @@ endif
if ENABLE_DAUTH
libmicrohttpd_la_SOURCES += \
- digestauth.c
+ digestauth.c \
+ md5.c md5.h \
+ sha1.c sha1.h
endif
if ENABLE_HTTPS
diff --git a/src/daemon/digestauth.c b/src/daemon/digestauth.c
@@ -23,13 +23,9 @@
* @author Amr Ali
*/
-#include <stdlib.h>
-#include <gcrypt.h>
-#include <string.h>
-#include <time.h>
#include "internal.h"
-#include "connection.h"
-#include "microhttpd.h"
+#include "md5.h"
+#include "sha1.h"
#define HASH_MD5_LEN 16
#define HASH_SHA1_LEN 20
@@ -38,7 +34,13 @@
#define _BASE "Digest "
-/* convert bin to hex */
+/**
+ * convert bin to hex
+ *
+ * @param bin binary data
+ * @param len number of bytes in bin
+ * @param hex pointer to len*2+1 bytes
+ */
static void
cvthex(const unsigned char *bin,
size_t len,
@@ -60,8 +62,13 @@ cvthex(const unsigned char *bin,
}
-/* calculate H(A1) as per RFC2617 spec */
-static int
+/**
+ * calculate H(A1) as per RFC2617 spec and store the
+ * result in 'sessionkey'.
+ *
+ * @param sessionkey pointer to buffer of 2*MD5_DIGEST_SIZE+1 bytes
+ */
+static void
digest_calc_ha1(const char *alg,
const char *username,
const char *realm,
@@ -70,36 +77,30 @@ digest_calc_ha1(const char *alg,
const char *cnonce,
char *sessionkey)
{
- gcry_md_hd_t md5;
- gcry_error_t gerror;
- unsigned char *ha1;
-
- gerror = gcry_md_open(&md5, GCRY_MD_MD5, GCRY_MD_FLAG_SECURE);
- if (gerror)
- return gerror;
- gcry_md_write(md5, username, strlen(username));
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, realm, strlen(realm));
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, password, strlen(password));
- gcry_md_final(md5);
- ha1 = gcry_md_read(md5, GCRY_MD_MD5);
- if (strcasecmp(alg, "md5-sess") == 0)
+ struct MD5Context md5;
+ unsigned char ha1[MD5_DIGEST_SIZE];
+
+ MD5Init (&md5);
+ MD5Update (&md5, username, strlen (username));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, realm, strlen (realm));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, password, strlen (password));
+ MD5Final (ha1, &md5);
+ if (0 == strcasecmp(alg, "md5-sess"))
{
- gcry_md_reset(md5);
- gcry_md_write(md5, ha1, HASH_MD5_LEN);
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, nonce, strlen(nonce));
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, cnonce, strlen(cnonce));
- gcry_md_final(md5);
- ha1 = gcry_md_read(md5, GCRY_MD_MD5);
+ MD5Init (&md5);
+ MD5Update (&md5, ha1, sizeof (ha1));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, nonce, strlen (nonce));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, cnonce, strlen (cnonce));
+ MD5Final (ha1, &md5);
}
- cvthex(ha1, HASH_MD5_LEN, sessionkey);
- gcry_md_close(md5);
- return 0;
+ cvthex(ha1, sizeof (ha1), sessionkey);
}
+
/**
* calculate request-digest/response-digest as per RFC2617 spec
*
@@ -125,63 +126,46 @@ digest_calc_response(const char *ha1,
const char *hentity,
char *response)
{
- gcry_md_hd_t md5;
- gcry_error_t gerror;
- unsigned char *ha2;
- unsigned char *resphash;
- char ha2hex[HASH_MD5_HEX_LEN + 1];
-
- gerror = gcry_md_open(&md5, GCRY_MD_MD5, GCRY_MD_FLAG_SECURE);
- if (gerror)
- return gerror;
- /*
- * calculate H(A2)
- */
+ struct MD5Context md5;
+ unsigned char ha2[MD5_DIGEST_SIZE];
+ unsigned char resphash[MD5_DIGEST_SIZE];
+ char ha2hex[MD5_DIGEST_SIZE * 2 + 1];
- gcry_md_write(md5, method, strlen(method));
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, uri, strlen(uri));
+ MD5Init (&md5);
+ MD5Update (&md5, method, strlen(method));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, uri, strlen(uri));
if (strcasecmp(qop, "auth-int") == 0)
{
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, hentity, strlen(hentity));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, hentity, strlen(hentity));
}
- gcry_md_final(md5);
-
- ha2 = gcry_md_read(md5, GCRY_MD_MD5);
-
+ MD5Final (ha2, &md5);
cvthex(ha2, HASH_MD5_LEN, ha2hex);
- gcry_md_reset(md5);
+ MD5Init (&md5);
- /*
- * calculate response
- */
+ /* calculate response */
- gcry_md_write(md5, ha1, HASH_MD5_HEX_LEN);
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, nonce, strlen(nonce));
- gcry_md_write(md5, ":", 1);
+ MD5Update (&md5, ha1, HASH_MD5_HEX_LEN);
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, nonce, strlen(nonce));
+ MD5Update (&md5, ":", 1);
if (*qop)
{
- gcry_md_write(md5, noncecount, strlen(noncecount));
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, cnonce, strlen(cnonce));
- gcry_md_write(md5, ":", 1);
- gcry_md_write(md5, qop, strlen(qop));
- gcry_md_write(md5, ":", 1);
+ MD5Update (&md5, noncecount, strlen(noncecount));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, cnonce, strlen(cnonce));
+ MD5Update (&md5, ":", 1);
+ MD5Update (&md5, qop, strlen(qop));
+ MD5Update (&md5, ":", 1);
}
- gcry_md_write(md5, ha2hex, HASH_MD5_HEX_LEN);
- gcry_md_final(md5);
-
- resphash = gcry_md_read(md5, GCRY_MD_MD5);
-
- cvthex(resphash, HASH_MD5_LEN, response);
- gcry_md_close(md5);
-
+ MD5Update (&md5, ha2hex, HASH_MD5_HEX_LEN);
+ MD5Final (resphash, &md5);
+ cvthex(resphash, sizeof (resphash), response);
return 0;
}
@@ -258,17 +242,15 @@ MHD_digest_auth_get_username(struct MHD_Connection *connection)
header = MHD_lookup_connection_value(connection,
MHD_HEADER_KIND,
- MHD_HTTP_HEADER_AUTHORIZATION);
-
+ MHD_HTTP_HEADER_AUTHORIZATION);
if (header == NULL)
return NULL;
if (strncmp(header, _BASE, strlen(_BASE)) != 0)
- return NULL;
-
+ return NULL;
len = strlen(header) - strlen(_BASE) + 1;
- buffer = malloc(len);
-
- if (buffer == NULL) return NULL;
+ buffer = malloc(len);
+ if (buffer == NULL)
+ return NULL;
strncpy(buffer, header + strlen(_BASE), len);
@@ -321,7 +303,7 @@ MHD_digest_auth_check(struct MHD_Connection *connection,
const char *qop;
const char *nc;
const char *response;
- unsigned char *tmpnonce;
+ unsigned char tmpnonce[SHA1_DIGEST_SIZE];
char *hentity = NULL; /* "auth-int" is not supported */
char timestamp[5];
char ha1[HASH_MD5_HEX_LEN + 1];
@@ -329,8 +311,7 @@ MHD_digest_auth_check(struct MHD_Connection *connection,
char noncehashexp[HASH_SHA1_HEX_LEN + 9];
unsigned int nonce_time;
time_t t;
- gcry_error_t gerror;
- gcry_md_hd_t sha1;
+ struct SHA1Context sha1;
header = MHD_lookup_connection_value(connection,
MHD_HEADER_KIND,
@@ -392,34 +373,25 @@ MHD_digest_auth_check(struct MHD_Connection *connection,
free(buffer);
return MHD_INVALID_NONCE;
}
- gerror = gcry_md_open(&sha1, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE);
- if (gerror)
- {
- free(buffer);
- return MHD_NO;
- }
-
+ SHA1Init (&sha1);
timestamp[0] = (nonce_time & 0xff000000) >> 0x18;
timestamp[1] = (nonce_time & 0x00ff0000) >> 0x10;
timestamp[2] = (nonce_time & 0x0000ff00) >> 0x08;
timestamp[3] = nonce_time & 0x000000ff;
timestamp[4] = '\0';
- gcry_md_write(sha1, timestamp, 4);
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, connection->method, strlen(connection->method));
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, password, strlen(password));
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, uri, strlen(uri));
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, realm, strlen(realm));
- gcry_md_final(sha1);
-
- tmpnonce = gcry_md_read(sha1, GCRY_MD_SHA1);
+ SHA1Update(&sha1, timestamp, 4);
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, connection->method, strlen(connection->method));
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, password, strlen(password));
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, uri, strlen(uri));
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, realm, strlen(realm));
+ SHA1Final (tmpnonce, &sha1);
- cvthex(tmpnonce, HASH_SHA1_LEN, noncehashexp);
- gcry_md_close(sha1);
+ cvthex(tmpnonce, sizeof (tmpnonce), noncehashexp);
strncat(noncehashexp, nonce + strlen(nonce) - 8, 8);
@@ -463,20 +435,13 @@ MHD_digest_auth_check(struct MHD_Connection *connection,
return MHD_NO;
}
- auth = digest_calc_ha1("md5",
- username,
- realm,
- password,
- nonce,
- cnonce,
- ha1);
-
- if (auth)
- {
- free(buffer);
- return MHD_NO;
- }
-
+ digest_calc_ha1("md5",
+ username,
+ realm,
+ password,
+ nonce,
+ cnonce,
+ ha1);
auth = digest_calc_response(ha1,
nonce,
nc,
@@ -520,15 +485,13 @@ MHD_queue_auth_fail_response(struct MHD_Connection *connection,
{
int ret;
size_t hlen;
- unsigned char *tmpnonce;
- char *header;
+ unsigned char tmpnonce[SHA1_DIGEST_SIZE];
unsigned char timestamp[5];
char timestamphex[9];
char nonce[HASH_SHA1_HEX_LEN + 9];
time_t t;
struct MHD_Response *response;
- gcry_error_t gerror;
- gcry_md_hd_t sha1;
+ struct SHA1Context sha1;
response = MHD_create_response_from_data(0, NULL, MHD_NO, MHD_NO);
if (!response)
@@ -538,11 +501,7 @@ MHD_queue_auth_fail_response(struct MHD_Connection *connection,
* Generating the server nonce
*/
- gerror = gcry_md_open(&sha1, GCRY_MD_SHA1, GCRY_MD_FLAG_SECURE);
-
- if (gerror)
- return MHD_NO;
-
+ SHA1Init (&sha1);
time(&t);
timestamp[0] = (t & 0xff000000) >> 0x18;
@@ -551,23 +510,20 @@ MHD_queue_auth_fail_response(struct MHD_Connection *connection,
timestamp[3] = t & 0x000000ff;
timestamp[4] = '\0';
- gcry_md_write(sha1, timestamp, 4);
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, connection->method, strlen(connection->method));
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, password, strlen(password));
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, connection->url, strlen(connection->url));
- gcry_md_write(sha1, ":", 1);
- gcry_md_write(sha1, realm, strlen(realm));
- gcry_md_final(sha1);
-
- tmpnonce = gcry_md_read(sha1, GCRY_MD_SHA1);
+ SHA1Update(&sha1, timestamp, 4);
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, connection->method, strlen(connection->method));
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, password, strlen(password));
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, connection->url, strlen(connection->url));
+ SHA1Update(&sha1, ":", 1);
+ SHA1Update(&sha1, realm, strlen(realm));
+ SHA1Final (tmpnonce, &sha1);
cvthex(timestamp, 4, timestamphex);
- cvthex(tmpnonce, HASH_SHA1_LEN, nonce);
+ cvthex(tmpnonce, sizeof (tmpnonce), nonce);
strncat(nonce, timestamphex, 8);
- gcry_md_close(sha1);
/*
* Building the authentication header
diff --git a/src/daemon/md5.c b/src/daemon/md5.c
@@ -0,0 +1,263 @@
+/*
+ * This code implements the MD5 message-digest algorithm.
+ * The algorithm is due to Ron Rivest. This code was
+ * written by Colin Plumb in 1993, no copyright is claimed.
+ * This code is in the public domain; do with it what you wish.
+ *
+ * Equivalent code is available from RSA Data Security, Inc.
+ * This code has been tested against that, and is equivalent,
+ * except that you don't need to include two pages of legalese
+ * with every copy.
+ *
+ * To compute the message digest of a chunk of bytes, declare an
+ * MD5Context structure, pass it to MD5Init, call MD5Update as
+ * needed on buffers full of bytes, and then call MD5Final, which
+ * will fill a supplied 16-byte array with the digest.
+ */
+
+/* Brutally hacked by John Walker back from ANSI C to K&R (no
+ prototypes) to maintain the tradition that Netfone will compile
+ with Sun's original "cc". */
+
+#include <memory.h>
+#include <stdint.h>
+#include "md5.h"
+
+#ifndef HIGHFIRST
+#define byteReverse(buf, len) /* Nothing */
+#else
+/*
+ * Note: this code is harmless on little-endian machines.
+ */
+static void
+byteReverse(unsigned char *buf,
+ unsigned longs)
+{
+ uint32_t t;
+ do {
+ t = (uint32_t) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
+ ((unsigned) buf[1] << 8 | buf[0]);
+ *(uint32_t *) buf = t;
+ buf += 4;
+ } while (--longs);
+}
+#endif
+
+
+/* The four core functions - F1 is optimized somewhat */
+
+/* #define F1(x, y, z) (x & y | ~x & z) */
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1(z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+/* This is the central step in the MD5 algorithm. */
+#define MD5STEP(f, w, x, y, z, data, s) \
+ ( w += f(x, y, z) + data, w = w<<s | w>>(32-s), w += x )
+
+/*
+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
+ * reflect the addition of 16 longwords of new data. MD5Update blocks
+ * the data and converts bytes into longwords for this routine.
+ */
+static void
+MD5Transform(uint32_t buf[4],
+ uint32_t in[16])
+{
+ uint32_t a, b, c, d;
+
+ a = buf[0];
+ b = buf[1];
+ c = buf[2];
+ d = buf[3];
+
+ MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
+ MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
+ MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
+ MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
+ MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
+ MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
+ MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
+ MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
+ MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
+ MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
+ MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
+ MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
+ MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
+ MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
+ MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
+ MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
+
+ MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
+ MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
+ MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
+ MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
+ MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
+ MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
+ MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
+ MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
+ MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
+ MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
+ MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
+ MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
+ MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
+ MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
+ MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
+ MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
+
+ MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
+ MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
+ MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
+ MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
+ MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
+ MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
+ MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
+ MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
+ MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
+ MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
+ MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
+ MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
+ MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
+ MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
+ MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
+ MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
+
+ MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
+ MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
+ MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
+ MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
+ MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
+ MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
+ MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
+ MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
+ MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
+ MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
+ MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
+ MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
+ MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
+ MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
+ MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
+ MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
+
+ buf[0] += a;
+ buf[1] += b;
+ buf[2] += c;
+ buf[3] += d;
+}
+
+
+/*
+ * Start MD5 accumulation. Set bit count to 0 and buffer to mysterious
+ * initialization constants.
+ */
+void MD5Init(struct MD5Context *ctx)
+{
+ ctx->buf[0] = 0x67452301;
+ ctx->buf[1] = 0xefcdab89;
+ ctx->buf[2] = 0x98badcfe;
+ ctx->buf[3] = 0x10325476;
+
+ ctx->bits[0] = 0;
+ ctx->bits[1] = 0;
+}
+
+/*
+ * Update context to reflect the concatenation of another buffer full
+ * of bytes.
+ */
+void
+MD5Update(struct MD5Context *ctx,
+ const void *data,
+ unsigned len)
+{
+ const unsigned char *buf = data;
+ uint32_t t;
+
+ /* Update bitcount */
+
+ t = ctx->bits[0];
+ if ((ctx->bits[0] = t + ((uint32_t) len << 3)) < t)
+ ctx->bits[1]++; /* Carry from low to high */
+ ctx->bits[1] += len >> 29;
+
+ t = (t >> 3) & 0x3f; /* Bytes already in shsInfo->data */
+
+ /* Handle any leading odd-sized chunks */
+
+ if (t) {
+ unsigned char *p = (unsigned char *) ctx->in + t;
+
+ t = 64 - t;
+ if (len < t) {
+ memcpy(p, buf, len);
+ return;
+ }
+ memcpy(p, buf, t);
+ byteReverse(ctx->in, 16);
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ buf += t;
+ len -= t;
+ }
+ /* Process data in 64-byte chunks */
+
+ while (len >= 64) {
+ memcpy(ctx->in, buf, 64);
+ byteReverse(ctx->in, 16);
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ buf += 64;
+ len -= 64;
+ }
+
+ /* Handle any remaining bytes of data. */
+
+ memcpy(ctx->in, buf, len);
+}
+
+/*
+ * Final wrapup - pad to 64-byte boundary with the bit pattern
+ * 1 0* (64-bit count of bits processed, MSB-first)
+ */
+void MD5Final(unsigned char digest[16],
+ struct MD5Context *ctx)
+{
+ unsigned count;
+ unsigned char *p;
+
+ /* Compute number of bytes mod 64 */
+ count = (ctx->bits[0] >> 3) & 0x3F;
+
+ /* Set the first char of padding to 0x80. This is safe since there is
+ always at least one byte free */
+ p = ctx->in + count;
+ *p++ = 0x80;
+
+ /* Bytes of padding needed to make 64 bytes */
+ count = 64 - 1 - count;
+
+ /* Pad out to 56 mod 64 */
+ if (count < 8) {
+ /* Two lots of padding: Pad the first block to 64 bytes */
+ memset(p, 0, count);
+ byteReverse(ctx->in, 16);
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+
+ /* Now fill the next block with 56 bytes */
+ memset(ctx->in, 0, 56);
+ } else {
+ /* Pad block to 56 bytes */
+ memset(p, 0, count - 8);
+ }
+ byteReverse(ctx->in, 14);
+
+ /* Append length in bits and transform */
+ ((uint32_t *) ctx->in)[14] = ctx->bits[0];
+ ((uint32_t *) ctx->in)[15] = ctx->bits[1];
+
+ MD5Transform(ctx->buf, (uint32_t *) ctx->in);
+ byteReverse((unsigned char *) ctx->buf, 4);
+ memcpy(digest, ctx->buf, 16);
+ memset(ctx, 0, sizeof(ctx)); /* In case it's sensitive */
+}
+
+/* end of md5.c */
diff --git a/src/daemon/md5.h b/src/daemon/md5.h
@@ -0,0 +1,31 @@
+#ifndef MD5_H
+#define MD5_H
+
+#include "MHD_config.h"
+
+#ifdef WORDS_BIGENDIAN
+#define HIGHFIRST
+#endif
+
+#define MD5_DIGEST_SIZE 16
+
+struct MD5Context
+{
+ uint32_t buf[4];
+ uint32_t bits[2];
+ unsigned char in[64];
+};
+
+
+void
+MD5Init(struct MD5Context *ctx);
+
+void
+MD5Update(struct MD5Context *ctx,
+ const void *buf,
+ unsigned len);
+
+void MD5Final(unsigned char digest[MD5_DIGEST_SIZE],
+ struct MD5Context *ctx);
+
+#endif /* !MD5_H */
diff --git a/src/daemon/sha1.c b/src/daemon/sha1.c
@@ -0,0 +1,166 @@
+/*
+SHA-1 in C
+By Steve Reid <steve@edmweb.com>
+100% Public Domain
+
+Test Vectors (from FIPS PUB 180-1)
+"abc"
+ A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
+"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+ 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
+A million repetitions of "a"
+ 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
+*/
+
+#include "sha1.h"
+
+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
+
+/* blk0() and blk() perform the initial expand. */
+/* I got the idea of expanding during the round function from SSLeay */
+#ifdef LITTLE_ENDIAN
+#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \
+ |(rol(block->l[i],8)&0x00FF00FF))
+#else
+#define blk0(i) block->l[i]
+#endif
+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \
+ ^block->l[(i+2)&15]^block->l[i&15],1))
+
+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
+
+
+/* Hash a single 512-bit block. This is the core of the algorithm. */
+
+static void
+SHA1Transform(unsigned long state[5],
+ const unsigned char buffer[64])
+{
+unsigned long a, b, c, d, e;
+typedef union {
+ unsigned char c[64];
+ unsigned long l[16];
+} CHAR64LONG16;
+CHAR64LONG16* block;
+#ifdef SHA1HANDSOFF
+static unsigned char workspace[64];
+ block = (CHAR64LONG16*)workspace;
+ memcpy(block, buffer, 64);
+#else
+ block = (CHAR64LONG16*)buffer;
+#endif
+ /* Copy context->state[] to working vars */
+ a = state[0];
+ b = state[1];
+ c = state[2];
+ d = state[3];
+ e = state[4];
+ /* 4 rounds of 20 operations each. Loop unrolled. */
+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+ /* Add the working vars back into context.state[] */
+ state[0] += a;
+ state[1] += b;
+ state[2] += c;
+ state[3] += d;
+ state[4] += e;
+ /* Wipe variables */
+ a = b = c = d = e = 0;
+}
+
+
+/* SHA1Init - Initialize new context */
+
+void SHA1Init(struct SHA1Context* context)
+{
+ /* SHA1 initialization constants */
+ context->state[0] = 0x67452301;
+ context->state[1] = 0xEFCDAB89;
+ context->state[2] = 0x98BADCFE;
+ context->state[3] = 0x10325476;
+ context->state[4] = 0xC3D2E1F0;
+ context->count[0] = context->count[1] = 0;
+}
+
+
+/* Run your data through this. */
+
+void SHA1Update(struct SHA1Context* context,
+ const void *buf, unsigned int len)
+{
+ const unsigned char* data = buf;
+unsigned int i, j;
+
+ j = (context->count[0] >> 3) & 63;
+ if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++;
+ context->count[1] += (len >> 29);
+ if ((j + len) > 63) {
+ memcpy(&context->buffer[j], data, (i = 64-j));
+ SHA1Transform(context->state, context->buffer);
+ for ( ; i + 63 < len; i += 64) {
+ SHA1Transform(context->state, &data[i]);
+ }
+ j = 0;
+ }
+ else i = 0;
+ memcpy(&context->buffer[j], &data[i], len - i);
+}
+
+
+/* Add padding and return the message digest. */
+
+void SHA1Final(unsigned char digest[SHA1_DIGEST_SIZE],
+ struct SHA1Context* context)
+{
+unsigned long i, j;
+unsigned char finalcount[8];
+
+ for (i = 0; i < 8; i++) {
+ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
+ }
+ SHA1Update(context, (unsigned char *)"\200", 1);
+ while ((context->count[0] & 504) != 448) {
+ SHA1Update(context, (unsigned char *)"\0", 1);
+ }
+ SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
+ for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
+ digest[i] = (unsigned char)
+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
+ }
+ /* Wipe variables */
+ i = j = 0;
+ memset(context->buffer, 0, 64);
+ memset(context->state, 0, 20);
+ memset(context->count, 0, 8);
+ memset(&finalcount, 0, 8);
+#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */
+ SHA1Transform(context->state, context->buffer);
+#endif
+}
+
+
+/* end of sha1.c */
diff --git a/src/daemon/sha1.h b/src/daemon/sha1.h
@@ -0,0 +1,44 @@
+#ifndef SHA1_H
+#define SHA1_H
+/*
+SHA-1 in C
+By Steve Reid <steve@edmweb.com>
+100% Public Domain
+
+Test Vectors (from FIPS PUB 180-1)
+"abc"
+ A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
+"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+ 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
+A million repetitions of "a"
+ 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
+*/
+
+#include "MHD_config.h"
+
+#ifndef WORDS_BIGENDIAN
+#ifndef LITTLE_ENDIAN
+#define LITTLE_ENDIAN
+#endif
+#endif
+
+#include <stdio.h>
+#include <string.h>
+
+struct SHA1Context {
+ unsigned long state[5];
+ unsigned long count[2];
+ unsigned char buffer[64];
+};
+
+#define SHA1_DIGEST_SIZE 20
+
+void SHA1Init(struct SHA1Context* context);
+void SHA1Update(struct SHA1Context* context,
+ const void* data,
+ unsigned int len);
+void SHA1Final(unsigned char digest[SHA1_DIGEST_SIZE],
+ struct SHA1Context* context);
+
+
+#endif
